SlideShare ist ein Scribd-Unternehmen logo

Asp.net membership anduserroles_ppt

Als PPTX, PDF herunterladen
Shivanand Arur
Shivanand Arur

This PPT explains in brief about Asp.Net Membership and Role Providers

Technologie
1 von 17
ASP.NET Membership and User Roles
Topics  Introduction  Why Security is important?  Different ways to secure our Application  What is Authentication and Authorization?  What are Providers in Asp.Net?  What is MembershipProvider in Asp.Net?  Overview of Asp.Net Membership System  How to configure MembershipProvider in Web.config file?  What is Role Management and Role Providers?  How to configure Role Providers in Asp.Net?
Introduction – Why Security is Important? 1. Security is one of the most important part of any Website or a Web Application. 2. Hackers are waiting out there for us and use various ways to exploit a website / web-application. 3. Hacker can attack in many ways.  Brute Force  Sniffers  Spoofing  Social Engineering  SQL Injection
Introduction - Different Ways to Secure our Application  Design your Application well.  Encrypting the Data while storing.  Input Validation.  Forcing Users for Strong Passwords.  Authentication and Authorization.
What is Authentication?  “Authentication” means to “Check someone’s genuineness”  In ASP.NET – Authentication means the same. It is a process where you check a person’s credentials.  Example – Facebook, Yahoo, Gmail. What is Authorization?  Providing access to resource based on User’s role.  Authentication always preceeds Authorization
What is a Provider in Asp.Net?  ProviderBase Class is an “Abstract Class” which follows the “Provider Model”.  This class is very simple and contains very few methods which is inherited from the “Object” Class. This class is a part of the “System.Configuration.Provider” namespace  The ProviderBase Class implementation is a 2 step process.  First implemented by “Feature–specific Providers” (Membership / Role / Profile Providers)  Feature-specific Provider is implemented by “Implementation-specific Providers” (SqlMembership Provider) ProviderBase Class Implementation ProviderBase Membership / Role SQLMembership Class Provider Classes Provider Class
What is MembershipProvider in Asp.Net?  MembershipProvider is an Abstract class, which provides an abstraction over the data source.  Membership Provider is configured in the Configuration file.  Can be bound to multiple data sources.  Asp.net provides 2 membership providers to store data :-  Microsoft SQL Server – (AspNetSqlMembershipProvider)  Windows Active Directory  Asp.Net provides us to configure our own Custom Membership Provider. (Oracle Data Source, Other data source)  This class inherits from the abstract “ProviderBase” class and contains various methods and properties to “Create, Delete, Update, Validate – Users”, “Get User information”, “Change Password”
Image taken from - http://www.felix-colibri.com/
Overview of Membership System Other Login Controls :- Login Login View Login Status Controls Membership Membership Class Membership User Class API :- Providers :- Membership Provider Provider Base Class Membership SQLMembership Provider Other Membership Provider Providers :- Data Source :- SQL ORACLE SERVER
How to use Membership System? Sample Demo
Why do we need Membership System?  Membership System is configurable and easy to use.  Provides various classes, methods, properties to deal with users information easily.  Asp.Net provides built in Login Server Controls which encapsulates most of the Membership functionality and helps write less code.  Can be integrated with Forms Authentication.  Provides a feature to store useful information like passwords, etc in hashed format within the database.  No need to create tables and write stored procedures for maintaining the data.
ASP.NET USER ROLES
What is Role Management and Role Providers?  Process of managing authorization of Users is called “Role Management”.  Helps to synch users into a group, by assigning them Roles.  A process to decide which page or any other resource can be accessed by which User.  API helps the user to know, what is the role of the User or who the User is? Role Provider –  Yet another abstract class which inherits the “ProviderBase” class.  Provides various functions to “Create”, “Delete” roles. Check a specific role of a user.  Can create custom role providers based upon our application requirements.
 Asp.Net provides 3 different Role Providers  SQLRoleProvider  WindowsTokenRoleProvider  AuthorizationStoreRoleProvider
How to configure Role Providers in Asp.Net? Sample Code
THANK YOU!!!

Empfohlen

Linq to sql
Linq to sqlLinq to sql
Linq to sqlShivanand Arur
 
SignalR for ASP.NET Developers
SignalR for ASP.NET DevelopersSignalR for ASP.NET Developers
SignalR for ASP.NET DevelopersShivanand Arur
 
MVC Architecture
MVC ArchitectureMVC Architecture
MVC ArchitecturePrem Sanil
 
Model View Controller (MVC)
Model View Controller (MVC)Model View Controller (MVC)
Model View Controller (MVC)Javier Antonio Humarán Peñuñuri
 
Introduction to ASP.NET
Introduction to ASP.NETIntroduction to ASP.NET
Introduction to ASP.NETRajkumarsoy
 
ASP.NET 07 - Site Navigation
ASP.NET 07 - Site NavigationASP.NET 07 - Site Navigation
ASP.NET 07 - Site NavigationRandy Connolly
 
Entity Framework Core
Entity Framework CoreEntity Framework Core
Entity Framework CoreKiran Shahi
 
Getting started with entity framework
Getting started with entity framework Getting started with entity framework
Getting started with entity framework Lushanthan Sivaneasharajah
 

Empfohlen

Linq to sql
Linq to sqlLinq to sql
Linq to sqlShivanand Arur
 
SignalR for ASP.NET Developers
SignalR for ASP.NET DevelopersSignalR for ASP.NET Developers
SignalR for ASP.NET DevelopersShivanand Arur
 
MVC Architecture
MVC ArchitectureMVC Architecture
MVC ArchitecturePrem Sanil
 
Model View Controller (MVC)
Model View Controller (MVC)Model View Controller (MVC)
Model View Controller (MVC)Javier Antonio Humarán Peñuñuri
 
Introduction to ASP.NET
Introduction to ASP.NETIntroduction to ASP.NET
Introduction to ASP.NETRajkumarsoy
 
ASP.NET 07 - Site Navigation
ASP.NET 07 - Site NavigationASP.NET 07 - Site Navigation
ASP.NET 07 - Site NavigationRandy Connolly
 
Entity Framework Core
Entity Framework CoreEntity Framework Core
Entity Framework CoreKiran Shahi
 
Getting started with entity framework
Getting started with entity framework Getting started with entity framework
Getting started with entity framework Lushanthan Sivaneasharajah
 
Asp Net Advance Topics
Asp Net Advance TopicsAsp Net Advance Topics
Asp Net Advance TopicsAli Taki
 
ASP.NET Core
ASP.NET CoreASP.NET Core
ASP.NET CoreAbhimanyu Singhal
 
Mvc architecture
Mvc architectureMvc architecture
Mvc architectureSurbhi Panhalkar
 
servlet in java
servlet in javaservlet in java
servlet in javasowfi
 
Asp.NET Validation controls
Asp.NET Validation controlsAsp.NET Validation controls
Asp.NET Validation controlsGuddu gupta
 
ASP.NET MVC Presentation
ASP.NET MVC PresentationASP.NET MVC Presentation
ASP.NET MVC Presentationivpol
 
Springboot Microservices
Springboot MicroservicesSpringboot Microservices
Springboot MicroservicesNexThoughts Technologies
 
7.data types in c#
7.data types in c#7.data types in c#
7.data types in c#Zeeshan Ahmad
 
Spring Framework - Core
Spring Framework - CoreSpring Framework - Core
Spring Framework - CoreDzmitry Naskou
 
Advanced SQL injection to operating system full control (slides)
Advanced SQL injection to operating system full control (slides)Advanced SQL injection to operating system full control (slides)
Advanced SQL injection to operating system full control (slides)Bernardo Damele A. G.
 
Java Servlets
Java ServletsJava Servlets
Java ServletsNitin Pai
 
MVC architecture
MVC architectureMVC architecture
MVC architectureEmily Bauman
 
ASP.NET MVC.
ASP.NET MVC.ASP.NET MVC.
ASP.NET MVC.Ni
 
Asp.net.
Asp.net.Asp.net.
Asp.net.Naveen Sihag
 
Web Services (SOAP, WSDL, UDDI)
Web Services (SOAP, WSDL, UDDI)Web Services (SOAP, WSDL, UDDI)
Web Services (SOAP, WSDL, UDDI)Peter R. Egli
 
Spring MVC Framework
Spring MVC FrameworkSpring MVC Framework
Spring MVC FrameworkHùng Nguyễn Huy
 
Web application architecture
Web application architectureWeb application architecture
Web application architectureTejaswini Deshpande
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTIONAnoop T
 
ASP.NET Core MVC + Web API with Overview
ASP.NET Core MVC + Web API with OverviewASP.NET Core MVC + Web API with Overview
ASP.NET Core MVC + Web API with OverviewShahed Chowdhuri
 
Linq
LinqLinq
LinqVishwa Mohan
 
User Management and Role Management in IT360
User Management and Role Management in IT360User Management and Role Management in IT360
User Management and Role Management in IT360K.Lakshmi Shankar Davey
 
Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetShivanand Arur
 

Weitere ähnliche Inhalte

Was ist angesagt?

Asp Net Advance Topics
Asp Net Advance TopicsAsp Net Advance Topics
Asp Net Advance TopicsAli Taki
 
servlet in java
servlet in javaservlet in java
servlet in javasowfi
 
Asp.NET Validation controls
Asp.NET Validation controlsAsp.NET Validation controls
Asp.NET Validation controlsGuddu gupta
 
ASP.NET MVC Presentation
ASP.NET MVC PresentationASP.NET MVC Presentation
ASP.NET MVC Presentationivpol
 
Spring Framework - Core
Spring Framework - CoreSpring Framework - Core
Spring Framework - CoreDzmitry Naskou
 
Advanced SQL injection to operating system full control (slides)
Advanced SQL injection to operating system full control (slides)Advanced SQL injection to operating system full control (slides)
Advanced SQL injection to operating system full control (slides)Bernardo Damele A. G.
 
Java Servlets
Java ServletsJava Servlets
Java ServletsNitin Pai
 
ASP.NET MVC.
ASP.NET MVC.ASP.NET MVC.
ASP.NET MVC.Ni
 
Web Services (SOAP, WSDL, UDDI)
Web Services (SOAP, WSDL, UDDI)Web Services (SOAP, WSDL, UDDI)
Web Services (SOAP, WSDL, UDDI)Peter R. Egli
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTIONAnoop T
 
ASP.NET Core MVC + Web API with Overview
ASP.NET Core MVC + Web API with OverviewASP.NET Core MVC + Web API with Overview
ASP.NET Core MVC + Web API with OverviewShahed Chowdhuri
 

Was ist angesagt? (20)

Asp Net Advance Topics
Asp Net Advance TopicsAsp Net Advance Topics
Asp Net Advance Topics
 
ASP.NET Core
ASP.NET CoreASP.NET Core
ASP.NET Core
 
Mvc architecture
Mvc architectureMvc architecture
Mvc architecture
 
servlet in java
servlet in javaservlet in java
servlet in java
 
Asp.NET Validation controls
Asp.NET Validation controlsAsp.NET Validation controls
Asp.NET Validation controls
 
ASP.NET MVC Presentation
ASP.NET MVC PresentationASP.NET MVC Presentation
ASP.NET MVC Presentation
 
Springboot Microservices
Springboot MicroservicesSpringboot Microservices
Springboot Microservices
 
7.data types in c#
7.data types in c#7.data types in c#
7.data types in c#
 
Spring Framework - Core
Spring Framework - CoreSpring Framework - Core
Spring Framework - Core
 
Advanced SQL injection to operating system full control (slides)
Advanced SQL injection to operating system full control (slides)Advanced SQL injection to operating system full control (slides)
Advanced SQL injection to operating system full control (slides)
 
Java Servlets
Java ServletsJava Servlets
Java Servlets
 
MVC architecture
MVC architectureMVC architecture
MVC architecture
 
ASP.NET MVC.
ASP.NET MVC.ASP.NET MVC.
ASP.NET MVC.
 
Asp.net.
Asp.net.Asp.net.
Asp.net.
 
Web Services (SOAP, WSDL, UDDI)
Web Services (SOAP, WSDL, UDDI)Web Services (SOAP, WSDL, UDDI)
Web Services (SOAP, WSDL, UDDI)
 
Spring MVC Framework
Spring MVC FrameworkSpring MVC Framework
Spring MVC Framework
 
Web application architecture
Web application architectureWeb application architecture
Web application architecture
 
SQL INJECTION
SQL INJECTIONSQL INJECTION
SQL INJECTION
 
ASP.NET Core MVC + Web API with Overview
ASP.NET Core MVC + Web API with OverviewASP.NET Core MVC + Web API with Overview
ASP.NET Core MVC + Web API with Overview
 
Linq
LinqLinq
Linq
 

Andere mochten auch

User Management and Role Management in IT360
User Management and Role Management in IT360User Management and Role Management in IT360
User Management and Role Management in IT360K.Lakshmi Shankar Davey
 
Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetShivanand Arur
 
Jumping Into WordPress Plugin Programming
Jumping Into WordPress Plugin ProgrammingJumping Into WordPress Plugin Programming
Jumping Into WordPress Plugin ProgrammingDougal Campbell
 
Eclipse Overview
Eclipse Overview Eclipse Overview
Eclipse Overview Lars Vogel
 
Writing your Third Plugin
Writing your Third PluginWriting your Third Plugin
Writing your Third PluginJustin Ryan
 
Best Practices in Plugin Development (WordCamp Seattle)
Best Practices in Plugin Development (WordCamp Seattle)Best Practices in Plugin Development (WordCamp Seattle)
Best Practices in Plugin Development (WordCamp Seattle)andrewnacin
 
Building GPE: What We Learned
Building GPE: What We LearnedBuilding GPE: What We Learned
Building GPE: What We Learnedrajeevdayal
 
A Simple Plugin Architecture for Wicket
A Simple Plugin Architecture for WicketA Simple Plugin Architecture for Wicket
A Simple Plugin Architecture for Wicketnielsvk
 
jQuery Plugin Creation
jQuery Plugin CreationjQuery Plugin Creation
jQuery Plugin Creationbenalman
 
The Open-source Eclipse Plugin for Force.com Development, Summer ‘14
The Open-source Eclipse Plugin for Force.com Development, Summer ‘14The Open-source Eclipse Plugin for Force.com Development, Summer ‘14
The Open-source Eclipse Plugin for Force.com Development, Summer ‘14Salesforce Developers
 
Configuration as Code: The Job DSL Plugin
Configuration as Code: The Job DSL PluginConfiguration as Code: The Job DSL Plugin
Configuration as Code: The Job DSL PluginDaniel Spilker
 
So, you want to be a plugin developer?
So, you want to be a plugin developer?So, you want to be a plugin developer?
So, you want to be a plugin developer?ylefebvre
 
Building an Eclipse plugin to recommend changes to developers
Building an Eclipse plugin to recommend changes to developersBuilding an Eclipse plugin to recommend changes to developers
Building an Eclipse plugin to recommend changes to developerskim.mens
 
An easy guide to Plugin Development
An easy guide to Plugin DevelopmentAn easy guide to Plugin Development
An easy guide to Plugin DevelopmentShinichi Nishikawa
 
Plugin jQuery, Design Patterns
Plugin jQuery, Design PatternsPlugin jQuery, Design Patterns
Plugin jQuery, Design PatternsRobert Casanova
 

Andere mochten auch (16)

User Management and Role Management in IT360
User Management and Role Management in IT360User Management and Role Management in IT360
User Management and Role Management in IT360
 
Authentication and Authorization in Asp.Net
Authentication and Authorization in Asp.NetAuthentication and Authorization in Asp.Net
Authentication and Authorization in Asp.Net
 
Jumping Into WordPress Plugin Programming
Jumping Into WordPress Plugin ProgrammingJumping Into WordPress Plugin Programming
Jumping Into WordPress Plugin Programming
 
Eclipse Overview
Eclipse Overview Eclipse Overview
Eclipse Overview
 
Writing your Third Plugin
Writing your Third PluginWriting your Third Plugin
Writing your Third Plugin
 
Best Practices in Plugin Development (WordCamp Seattle)
Best Practices in Plugin Development (WordCamp Seattle)Best Practices in Plugin Development (WordCamp Seattle)
Best Practices in Plugin Development (WordCamp Seattle)
 
Building GPE: What We Learned
Building GPE: What We LearnedBuilding GPE: What We Learned
Building GPE: What We Learned
 
A Simple Plugin Architecture for Wicket
A Simple Plugin Architecture for WicketA Simple Plugin Architecture for Wicket
A Simple Plugin Architecture for Wicket
 
jQuery Plugin Creation
jQuery Plugin CreationjQuery Plugin Creation
jQuery Plugin Creation
 
The Open-source Eclipse Plugin for Force.com Development, Summer ‘14
The Open-source Eclipse Plugin for Force.com Development, Summer ‘14The Open-source Eclipse Plugin for Force.com Development, Summer ‘14
The Open-source Eclipse Plugin for Force.com Development, Summer ‘14
 
Configuration as Code: The Job DSL Plugin
Configuration as Code: The Job DSL PluginConfiguration as Code: The Job DSL Plugin
Configuration as Code: The Job DSL Plugin
 
So, you want to be a plugin developer?
So, you want to be a plugin developer?So, you want to be a plugin developer?
So, you want to be a plugin developer?
 
Building an Eclipse plugin to recommend changes to developers
Building an Eclipse plugin to recommend changes to developersBuilding an Eclipse plugin to recommend changes to developers
Building an Eclipse plugin to recommend changes to developers
 
An easy guide to Plugin Development
An easy guide to Plugin DevelopmentAn easy guide to Plugin Development
An easy guide to Plugin Development
 
Cryptography
CryptographyCryptography
Cryptography
 
Plugin jQuery, Design Patterns
Plugin jQuery, Design PatternsPlugin jQuery, Design Patterns
Plugin jQuery, Design Patterns
 

Ähnlich wie Asp.net membership anduserroles_ppt

Authentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCAuthentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCMindfire Solutions
 
Cache Security- Configuring a Secure Environment
Cache Security- Configuring a Secure EnvironmentCache Security- Configuring a Secure Environment
Cache Security- Configuring a Secure EnvironmentInterSystems Corporation
 
Authentication and Single Sing on
Authentication and Single Sing onAuthentication and Single Sing on
Authentication and Single Sing onguest648519
 
Geek Sync | SQL Security Principals and Permissions 101
Geek Sync | SQL Security Principals and Permissions 101Geek Sync | SQL Security Principals and Permissions 101
Geek Sync | SQL Security Principals and Permissions 101IDERA Software
 
2009 - NRW Conf: (ASP).NET Membership
2009 - NRW Conf: (ASP).NET Membership2009 - NRW Conf: (ASP).NET Membership
2009 - NRW Conf: (ASP).NET MembershipDaniel Fisher
 
.NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19 .NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19aminmesbahi
 
OpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio TavillaOpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio TavillaLorenzo Carnevale
 
C# and ASP.NET Code and Data-Access Security
C# and ASP.NET Code and Data-Access SecurityC# and ASP.NET Code and Data-Access Security
C# and ASP.NET Code and Data-Access SecurityDarren Sim
 
SAP_HANA_SECURITY_overview_online_Resear.docx
SAP_HANA_SECURITY_overview_online_Resear.docxSAP_HANA_SECURITY_overview_online_Resear.docx
SAP_HANA_SECURITY_overview_online_Resear.docxjuancusa
 
OpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio TavillaOpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio TavillaLorenzo Carnevale
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - APIChetan Gadodia
 
Network Device Database Management with REST using Jersey
Network Device Database Management with REST using JerseyNetwork Device Database Management with REST using Jersey
Network Device Database Management with REST using JerseyPayal Jain
 
Asp net whitepaper
Asp net whitepaperAsp net whitepaper
Asp net whitepaperZayar Shwe
 

Ähnlich wie Asp.net membership anduserroles_ppt (20)

Authentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVCAuthentication & Authorization in ASPdotNet MVC
Authentication & Authorization in ASPdotNet MVC
 
Cache Security- Configuring a Secure Environment
Cache Security- Configuring a Secure EnvironmentCache Security- Configuring a Secure Environment
Cache Security- Configuring a Secure Environment
 
Authentication and Single Sing on
Authentication and Single Sing onAuthentication and Single Sing on
Authentication and Single Sing on
 
Geek Sync | SQL Security Principals and Permissions 101
Geek Sync | SQL Security Principals and Permissions 101Geek Sync | SQL Security Principals and Permissions 101
Geek Sync | SQL Security Principals and Permissions 101
 
Cache Security- The Basics
Cache Security- The BasicsCache Security- The Basics
Cache Security- The Basics
 
2009 - NRW Conf: (ASP).NET Membership
2009 - NRW Conf: (ASP).NET Membership2009 - NRW Conf: (ASP).NET Membership
2009 - NRW Conf: (ASP).NET Membership
 
.NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19 .NET Core, ASP.NET Core Course, Session 19
.NET Core, ASP.NET Core Course, Session 19
 
OpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio TavillaOpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (liberty) by Lorenzo Carnevale and Silvio Tavilla
 
Where should I be encrypting my data?
Where should I be encrypting my data? Where should I be encrypting my data?
Where should I be encrypting my data?
 
C# and ASP.NET Code and Data-Access Security
C# and ASP.NET Code and Data-Access SecurityC# and ASP.NET Code and Data-Access Security
C# and ASP.NET Code and Data-Access Security
 
Java Security Framework's
Java Security Framework'sJava Security Framework's
Java Security Framework's
 
SAP_HANA_SECURITY_overview_online_Resear.docx
SAP_HANA_SECURITY_overview_online_Resear.docxSAP_HANA_SECURITY_overview_online_Resear.docx
SAP_HANA_SECURITY_overview_online_Resear.docx
 
OpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio TavillaOpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio Tavilla
OpenStack Identity - Keystone (kilo) by Lorenzo Carnevale and Silvio Tavilla
 
Idm Workshop
Idm WorkshopIdm Workshop
Idm Workshop
 
Web security
Web securityWeb security
Web security
 
Introduction to REST - API
Introduction to REST - APIIntroduction to REST - API
Introduction to REST - API
 
Network Device Database Management with REST using Jersey
Network Device Database Management with REST using JerseyNetwork Device Database Management with REST using Jersey
Network Device Database Management with REST using Jersey
 
Mvc by asp.net development company in india - part 2
Mvc by asp.net development company in india - part 2Mvc by asp.net development company in india - part 2
Mvc by asp.net development company in india - part 2
 
Data Base
Data BaseData Base
Data Base
 
Asp net whitepaper
Asp net whitepaperAsp net whitepaper
Asp net whitepaper
 

Kürzlich hochgeladen

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsRoshan Dwivedi
 

Kürzlich hochgeladen (20)

The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 

Asp.net membership anduserroles_ppt

  • 2. Topics  Introduction  Why Security is important?  Different ways to secure our Application  What is Authentication and Authorization?  What are Providers in Asp.Net?  What is MembershipProvider in Asp.Net?  Overview of Asp.Net Membership System  How to configure MembershipProvider in Web.config file?  What is Role Management and Role Providers?  How to configure Role Providers in Asp.Net?
  • 3. Introduction – Why Security is Important? 1. Security is one of the most important part of any Website or a Web Application. 2. Hackers are waiting out there for us and use various ways to exploit a website / web-application. 3. Hacker can attack in many ways.  Brute Force  Sniffers  Spoofing  Social Engineering  SQL Injection
  • 4. Introduction - Different Ways to Secure our Application  Design your Application well.  Encrypting the Data while storing.  Input Validation.  Forcing Users for Strong Passwords.  Authentication and Authorization.
  • 5. What is Authentication?  “Authentication” means to “Check someone’s genuineness”  In ASP.NET – Authentication means the same. It is a process where you check a person’s credentials.  Example – Facebook, Yahoo, Gmail. What is Authorization?  Providing access to resource based on User’s role.  Authentication always preceeds Authorization
  • 6.
  • 7. What is a Provider in Asp.Net?  ProviderBase Class is an “Abstract Class” which follows the “Provider Model”.  This class is very simple and contains very few methods which is inherited from the “Object” Class. This class is a part of the “System.Configuration.Provider” namespace  The ProviderBase Class implementation is a 2 step process.  First implemented by “Feature–specific Providers” (Membership / Role / Profile Providers)  Feature-specific Provider is implemented by “Implementation-specific Providers” (SqlMembership Provider) ProviderBase Class Implementation ProviderBase Membership / Role SQLMembership Class Provider Classes Provider Class
  • 8. What is MembershipProvider in Asp.Net?  MembershipProvider is an Abstract class, which provides an abstraction over the data source.  Membership Provider is configured in the Configuration file.  Can be bound to multiple data sources.  Asp.net provides 2 membership providers to store data :-  Microsoft SQL Server – (AspNetSqlMembershipProvider)  Windows Active Directory  Asp.Net provides us to configure our own Custom Membership Provider. (Oracle Data Source, Other data source)  This class inherits from the abstract “ProviderBase” class and contains various methods and properties to “Create, Delete, Update, Validate – Users”, “Get User information”, “Change Password”
  • 9. Image taken from - http://www.felix-colibri.com/
  • 10. Overview of Membership System Other Login Controls :- Login Login View Login Status Controls Membership Membership Class Membership User Class API :- Providers :- Membership Provider Provider Base Class Membership SQLMembership Provider Other Membership Provider Providers :- Data Source :- SQL ORACLE SERVER
  • 11. How to use Membership System? Sample Demo
  • 12. Why do we need Membership System?  Membership System is configurable and easy to use.  Provides various classes, methods, properties to deal with users information easily.  Asp.Net provides built in Login Server Controls which encapsulates most of the Membership functionality and helps write less code.  Can be integrated with Forms Authentication.  Provides a feature to store useful information like passwords, etc in hashed format within the database.  No need to create tables and write stored procedures for maintaining the data.
  • 14. What is Role Management and Role Providers?  Process of managing authorization of Users is called “Role Management”.  Helps to synch users into a group, by assigning them Roles.  A process to decide which page or any other resource can be accessed by which User.  API helps the user to know, what is the role of the User or who the User is? Role Provider –  Yet another abstract class which inherits the “ProviderBase” class.  Provides various functions to “Create”, “Delete” roles. Check a specific role of a user.  Can create custom role providers based upon our application requirements.
  • 15.  Asp.Net provides 3 different Role Providers  SQLRoleProvider  WindowsTokenRoleProvider  AuthorizationStoreRoleProvider
  • 16. How to configure Role Providers in Asp.Net? Sample Code